[ic] Died in server spawn: read: closed

Wed Jan 5 23:25:06 UTC 2011

On 01/05/2011 04:55 PM, Grant wrote:
>>>>> I'm getting messages like this in my global error log every few days:
>>>>>
>>>>> Died in server spawn: read: closed at
>>>>> /usr/local/interchange/lib/Vend/Server.pm line 728.
>>>>>
>>>>> Today a user described what I think was a 500 Internal Server Error
>>>>> apache2 error page which corresponds to one of these errors.
>>>>>
>>>>> Does anyone know more about what could be happening or how to track it
>>>>> down?
>>>>>
>>>>> - Grant
>>>>
>>>> Have you checked your Apache error logs for entries at that same time?
>>>>
>>>> DB
>>>
>>> I've just done that and I see that the error corresponds to this
>>> apache2 error message about half of the time:
>>>
>>> close: Broken pipe\n,
>>>
>>> It always seems to be a POST and it can be SSL or not.  Any idea where
>>> to look from here?
>>
>> Are you using Interchange::Link, or the regular cgi-bin script?
>
> I am using Interchange::Link actually.

I suggest you remove Interchange::Link and see if that fixes it. AFAIK, 
this module is no longer maintained, and it and mod_interchange have had 
their share of problems in the past.

If you are using IC::Link to avoid 'cgi-bin' in the URLs, there is a 
howto in the online docs that is a good starting point for using 
RewriteRules. My personal usage is below. This method prevents 
Interchange from having to handle all 404 requests, unless the request 
does not have an extension, or is a known file type that IC serves. YMMV.

ScriptAlias /cgi-bin/ /home/mysite/cgi-bin/
RewriteEngine On

RewriteCond  /home/mysite/www%{REQUEST_FILENAME} -f
RewriteRule  ^.+$  -  [L,NS]

RewriteCond  %{REQUEST_FILENAME}  \.
RewriteCond  %{REQUEST_FILENAME}  !\.(?:html|txt|xml|pdf|iif)$
RewriteRule  ^.+$  -  [L,NS]

RewriteCond  %{REQUEST_FILENAME}  !^/cgi-bin/mysite/?
RewriteRule  ^(.+)$  /cgi-bin/mysite$1  [L,NS,PT]

RewriteRule ^/(index(\.html?)?)?$  /cgi-bin/mysite/index  [L,NS]

Best,
Josh

>> What about looking at line 728 of your Server.pm (and its context)? That may
>> have some clues.
>
> Now I'm really thinking SocketReadTimeout.  Line 728 is the "read:
> closed" line of this sub in Server.pm:
>
> sub _read {
>      my ($in, $fh) = @_;
>          $fh = \*MESSAGE if ! $fh;
>      my ($r,$rin);
>
>      vec($rin,fileno($fh),1) = 1;
>
>      do {
>          if (($r = select($rin, undef, undef,
> $Global::SocketReadTimeout || 1))>  0) {
>              $r = sysread($fh, $$in, $r, length($$in));
>          }
>      } while ((!defined($r) || $r == -1)&&  ($!{eintr} || $!{eagain}));
>
>      die "read: $!" unless defined $r;
>      die "read: closed" unless $r>  0;
> }
>
> Does anyone have an understanding of how great the DoS vulnerability
> is if I increase SocketReadTimeout?  Is there another way to mitigate
> that threat?
>
> - Grant

-- 
Josh Lavin
Perusion -- Expert Interchange Consulting    http://www.perusion.com/